From 580ab1dd76cb6ce6a433ea7c5f406d728e0b86ea Mon Sep 17 00:00:00 2001 From: Klara M Helgemo Date: Tue, 17 Oct 2023 10:29:26 +0200 Subject: [PATCH 01/10] Fjern code scanning alert " 1 Serverside request forgery" --- .../opensearch/OpensearchAdminService.java | 34 +++++++++++++------ 1 file changed, 23 insertions(+), 11 deletions(-) diff --git a/src/main/java/no/nav/pto/veilarbportefolje/opensearch/OpensearchAdminService.java b/src/main/java/no/nav/pto/veilarbportefolje/opensearch/OpensearchAdminService.java index e3018af489..837a365e96 100644 --- a/src/main/java/no/nav/pto/veilarbportefolje/opensearch/OpensearchAdminService.java +++ b/src/main/java/no/nav/pto/veilarbportefolje/opensearch/OpensearchAdminService.java @@ -4,6 +4,7 @@ import lombok.extern.slf4j.Slf4j; import no.nav.common.rest.client.RestUtils; import no.nav.common.types.identer.AktorId; +import no.nav.pto.veilarbportefolje.config.EnvironmentProperties; import no.nav.pto.veilarbportefolje.opensearch.domene.OpensearchClientConfig; import okhttp3.*; import org.apache.commons.io.IOUtils; @@ -41,18 +42,21 @@ @Slf4j @Service public class OpensearchAdminService { + private static EnvironmentProperties environmentProperties; private final RestHighLevelClient restHighLevelClient; private final OpensearchClientConfig openSearchClientConfig; private final OkHttpClient httpClient; + + @Autowired - public OpensearchAdminService(RestHighLevelClient restHighLevelClient, OpensearchClientConfig openSearchClientConfig) { + public OpensearchAdminService(EnvironmentProperties environmentProperties, RestHighLevelClient restHighLevelClient, OpensearchClientConfig openSearchClientConfig) { + OpensearchAdminService.environmentProperties = environmentProperties; this.restHighLevelClient = restHighLevelClient; this.openSearchClientConfig = openSearchClientConfig; - this.httpClient = baseClient(); } - + public String VALID_URI = environmentProperties.getOpensearchUri(); @SneakyThrows public String opprettNyIndeks() { return opprettNyIndeks(createIndexName()); @@ -165,7 +169,6 @@ public String getSettingsOnIndex(String indexName) { .url(url).get() .addHeader("Authorization", getAuthHeaderValue(openSearchClientConfig)) .build(); - return callAndGetBody(request); } @@ -239,14 +242,23 @@ private String readJsonFromFileStream(InputStream settings) { @SneakyThrows private String callAndGetBody(Request request) { - try (Response response = httpClient.newCall(request).execute()) { - RestUtils.throwIfNotSuccessful(response); - try (ResponseBody responseBody = response.body()) { - if (responseBody == null) { - return null; + + if (VALID_URI.equals(request.url().uri().toString())) { + try (Response response = httpClient.newCall(request).execute()) { + RestUtils.throwIfNotSuccessful(response); + try (ResponseBody responseBody = response.body()) { + if (responseBody == null) { + return null; + } + return responseBody.string(); } - return responseBody.string(); - } + } + } else { + log.error("Feil i uri OpensearchAdminService callAndGetBody {}", request.url().uri()); + Response.Builder builder = new Response.Builder(); + builder.code(400).message("Illegal URI"); + Response responseBadUri = builder.build(); + return responseBadUri.toString(); } } } From 601fb8d86dd0d0304954d27896af2692fa43c42e Mon Sep 17 00:00:00 2001 From: Klara M Helgemo Date: Tue, 17 Oct 2023 12:38:31 +0200 Subject: [PATCH 02/10] Diverse bumper --- pom.xml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/pom.xml b/pom.xml index c5ccaf830b..471841c93f 100644 --- a/pom.xml +++ b/pom.xml @@ -15,11 +15,11 @@ 17 - 3.2023.04.11_09.05-411b59915166 + 3.2023.10.17_06.55-4e30d96bba05 c22beae 2.3.1 - 1.16.0 - + 2.0 + 1.17.6 17 17 17 @@ -89,7 +89,7 @@ org.apache.avro avro - 1.11.1 + 1.11.3 org.springframework.boot @@ -241,7 +241,7 @@ com.github.navikt.poao-tilgang client - 2023.03.06_12.28-f645c4624641 + 2023.10.09_13.45-b5ace74e861a @@ -271,7 +271,7 @@ org.opensearch.client opensearch-rest-high-level-client - 2.7.0 + 2.11.0 @@ -288,7 +288,7 @@ net.javacrumbs.shedlock shedlock-provider-jdbc-template - 4.44.0 + 5.2.0 @@ -312,7 +312,7 @@ io.micrometer micrometer-registry-prometheus - 1.11.1 + 1.11.2 @@ -342,7 +342,7 @@ com.github.tomakehurst wiremock-jre8-standalone - 2.35.0 + 2.35.1 org.springframework.boot From 5104579569ba97a49ba6c7606923790e394328b8 Mon Sep 17 00:00:00 2001 From: Klara M Helgemo Date: Tue, 17 Oct 2023 13:04:59 +0200 Subject: [PATCH 03/10] Diverse bumper 2 --- pom.xml | 2 +- .../veilarbportefolje/opensearch/OpensearchIndexerV2.java | 6 ++---- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/pom.xml b/pom.xml index 471841c93f..699511bf98 100644 --- a/pom.xml +++ b/pom.xml @@ -266,7 +266,7 @@ org.opensearch opensearch - 2.7.0 + 2.10.0 org.opensearch.client diff --git a/src/main/java/no/nav/pto/veilarbportefolje/opensearch/OpensearchIndexerV2.java b/src/main/java/no/nav/pto/veilarbportefolje/opensearch/OpensearchIndexerV2.java index 7fd1aa673e..d426f9dd62 100644 --- a/src/main/java/no/nav/pto/veilarbportefolje/opensearch/OpensearchIndexerV2.java +++ b/src/main/java/no/nav/pto/veilarbportefolje/opensearch/OpensearchIndexerV2.java @@ -21,8 +21,8 @@ import org.opensearch.action.update.UpdateRequest; import org.opensearch.client.RequestOptions; import org.opensearch.client.RestHighLevelClient; +import org.opensearch.core.rest.RestStatus; import org.opensearch.core.xcontent.XContentBuilder; -import org.opensearch.rest.RestStatus; import org.springframework.stereotype.Service; import java.io.IOException; @@ -31,9 +31,7 @@ import java.util.Optional; import static java.lang.String.format; -import static no.nav.pto.veilarbportefolje.util.DateUtils.getFarInTheFutureDate; -import static no.nav.pto.veilarbportefolje.util.DateUtils.toIsoUTC; -import static no.nav.pto.veilarbportefolje.util.DateUtils.toLocalDateOrNull; +import static no.nav.pto.veilarbportefolje.util.DateUtils.*; import static no.nav.pto.veilarbportefolje.util.SecureLog.secureLog; import static org.opensearch.common.xcontent.XContentFactory.jsonBuilder; From 77c4c70b9f188fd51123103a7fbad6dd11210b4c Mon Sep 17 00:00:00 2001 From: Klara M Helgemo Date: Tue, 17 Oct 2023 14:24:36 +0200 Subject: [PATCH 04/10] Tilbake til gammel pom.xml --- pom.xml | 20 +++++++++---------- .../opensearch/OpensearchAdminService.java | 8 +++----- .../opensearch/OpensearchIndexerV2.java | 6 ++++-- 3 files changed, 17 insertions(+), 17 deletions(-) diff --git a/pom.xml b/pom.xml index 699511bf98..c5ccaf830b 100644 --- a/pom.xml +++ b/pom.xml @@ -15,11 +15,11 @@ 17 - 3.2023.10.17_06.55-4e30d96bba05 + 3.2023.04.11_09.05-411b59915166 c22beae 2.3.1 - 2.0 - 1.17.6 + 1.16.0 + 17 17 17 @@ -89,7 +89,7 @@ org.apache.avro avro - 1.11.3 + 1.11.1 org.springframework.boot @@ -241,7 +241,7 @@ com.github.navikt.poao-tilgang client - 2023.10.09_13.45-b5ace74e861a + 2023.03.06_12.28-f645c4624641 @@ -266,12 +266,12 @@ org.opensearch opensearch - 2.10.0 + 2.7.0 org.opensearch.client opensearch-rest-high-level-client - 2.11.0 + 2.7.0 @@ -288,7 +288,7 @@ net.javacrumbs.shedlock shedlock-provider-jdbc-template - 5.2.0 + 4.44.0 @@ -312,7 +312,7 @@ io.micrometer micrometer-registry-prometheus - 1.11.2 + 1.11.1 @@ -342,7 +342,7 @@ com.github.tomakehurst wiremock-jre8-standalone - 2.35.1 + 2.35.0 org.springframework.boot diff --git a/src/main/java/no/nav/pto/veilarbportefolje/opensearch/OpensearchAdminService.java b/src/main/java/no/nav/pto/veilarbportefolje/opensearch/OpensearchAdminService.java index 837a365e96..35e3b4d70b 100644 --- a/src/main/java/no/nav/pto/veilarbportefolje/opensearch/OpensearchAdminService.java +++ b/src/main/java/no/nav/pto/veilarbportefolje/opensearch/OpensearchAdminService.java @@ -42,21 +42,19 @@ @Slf4j @Service public class OpensearchAdminService { - private static EnvironmentProperties environmentProperties; private final RestHighLevelClient restHighLevelClient; private final OpensearchClientConfig openSearchClientConfig; private final OkHttpClient httpClient; - + private final String opensearchUri; @Autowired public OpensearchAdminService(EnvironmentProperties environmentProperties, RestHighLevelClient restHighLevelClient, OpensearchClientConfig openSearchClientConfig) { - OpensearchAdminService.environmentProperties = environmentProperties; + this.opensearchUri = environmentProperties.getOpensearchUri(); this.restHighLevelClient = restHighLevelClient; this.openSearchClientConfig = openSearchClientConfig; this.httpClient = baseClient(); } - public String VALID_URI = environmentProperties.getOpensearchUri(); @SneakyThrows public String opprettNyIndeks() { return opprettNyIndeks(createIndexName()); @@ -243,7 +241,7 @@ private String readJsonFromFileStream(InputStream settings) { @SneakyThrows private String callAndGetBody(Request request) { - if (VALID_URI.equals(request.url().uri().toString())) { + if (Objects.equals(this.opensearchUri, request.url().uri().toString())) { try (Response response = httpClient.newCall(request).execute()) { RestUtils.throwIfNotSuccessful(response); try (ResponseBody responseBody = response.body()) { diff --git a/src/main/java/no/nav/pto/veilarbportefolje/opensearch/OpensearchIndexerV2.java b/src/main/java/no/nav/pto/veilarbportefolje/opensearch/OpensearchIndexerV2.java index d426f9dd62..7fd1aa673e 100644 --- a/src/main/java/no/nav/pto/veilarbportefolje/opensearch/OpensearchIndexerV2.java +++ b/src/main/java/no/nav/pto/veilarbportefolje/opensearch/OpensearchIndexerV2.java @@ -21,8 +21,8 @@ import org.opensearch.action.update.UpdateRequest; import org.opensearch.client.RequestOptions; import org.opensearch.client.RestHighLevelClient; -import org.opensearch.core.rest.RestStatus; import org.opensearch.core.xcontent.XContentBuilder; +import org.opensearch.rest.RestStatus; import org.springframework.stereotype.Service; import java.io.IOException; @@ -31,7 +31,9 @@ import java.util.Optional; import static java.lang.String.format; -import static no.nav.pto.veilarbportefolje.util.DateUtils.*; +import static no.nav.pto.veilarbportefolje.util.DateUtils.getFarInTheFutureDate; +import static no.nav.pto.veilarbportefolje.util.DateUtils.toIsoUTC; +import static no.nav.pto.veilarbportefolje.util.DateUtils.toLocalDateOrNull; import static no.nav.pto.veilarbportefolje.util.SecureLog.secureLog; import static org.opensearch.common.xcontent.XContentFactory.jsonBuilder; From 7927b570eb01d531e00f407f1d881e407915da5b Mon Sep 17 00:00:00 2001 From: Klara M Helgemo Date: Tue, 17 Oct 2023 15:51:02 +0200 Subject: [PATCH 05/10] Logger uri --- .../pto/veilarbportefolje/opensearch/OpensearchAdminService.java | 1 + 1 file changed, 1 insertion(+) diff --git a/src/main/java/no/nav/pto/veilarbportefolje/opensearch/OpensearchAdminService.java b/src/main/java/no/nav/pto/veilarbportefolje/opensearch/OpensearchAdminService.java index 35e3b4d70b..9c951ae826 100644 --- a/src/main/java/no/nav/pto/veilarbportefolje/opensearch/OpensearchAdminService.java +++ b/src/main/java/no/nav/pto/veilarbportefolje/opensearch/OpensearchAdminService.java @@ -242,6 +242,7 @@ private String readJsonFromFileStream(InputStream settings) { private String callAndGetBody(Request request) { if (Objects.equals(this.opensearchUri, request.url().uri().toString())) { + log.info("Logger uri OpensearchAdminService callAndGetBody {}", request.url().uri()); try (Response response = httpClient.newCall(request).execute()) { RestUtils.throwIfNotSuccessful(response); try (ResponseBody responseBody = response.body()) { From cab7c08b65bc9aa7f63804253a964a8231540083 Mon Sep 17 00:00:00 2001 From: Klara M Helgemo Date: Fri, 27 Oct 2023 13:24:38 +0200 Subject: [PATCH 06/10] Oppgrader nav-common-library --- .../build-deploy-feature-branch-q1.yaml | 2 +- .github/workflows/main.yml | 2 +- pom.xml | 4 ++-- .../persononinfo/PersoninfoController.java | 19 ------------------- 4 files changed, 4 insertions(+), 23 deletions(-) delete mode 100644 src/main/java/no/nav/pto/veilarbportefolje/persononinfo/PersoninfoController.java diff --git a/.github/workflows/build-deploy-feature-branch-q1.yaml b/.github/workflows/build-deploy-feature-branch-q1.yaml index 468ea07c82..1e80971ef0 100644 --- a/.github/workflows/build-deploy-feature-branch-q1.yaml +++ b/.github/workflows/build-deploy-feature-branch-q1.yaml @@ -24,7 +24,7 @@ jobs: - name: Build maven artifacts run: mvn -Dgithub.token=${{ secrets.GITHUB_TOKEN }} -B package -D skipTests - name: Login to Docker - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 529a2b33a1..fe8b60e99b 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -42,7 +42,7 @@ jobs: - name: Build maven artifacts run: mvn -Dgithub.token=${{ secrets.GITHUB_TOKEN }} -B package -D skipTests - name: Login to Docker - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} diff --git a/pom.xml b/pom.xml index c5ccaf830b..36ed1fb0db 100644 --- a/pom.xml +++ b/pom.xml @@ -15,7 +15,7 @@ 17 - 3.2023.04.11_09.05-411b59915166 + 3.2023.10.17_06.55-4e30d96bba05 c22beae 2.3.1 1.16.0 @@ -342,7 +342,7 @@ com.github.tomakehurst wiremock-jre8-standalone - 2.35.0 + 2.35.1 org.springframework.boot diff --git a/src/main/java/no/nav/pto/veilarbportefolje/persononinfo/PersoninfoController.java b/src/main/java/no/nav/pto/veilarbportefolje/persononinfo/PersoninfoController.java deleted file mode 100644 index 30cb2998d0..0000000000 --- a/src/main/java/no/nav/pto/veilarbportefolje/persononinfo/PersoninfoController.java +++ /dev/null @@ -1,19 +0,0 @@ -package no.nav.pto.veilarbportefolje.persononinfo; - -import org.springframework.http.HttpStatus; -import org.springframework.web.bind.annotation.GetMapping; -import org.springframework.web.bind.annotation.PathVariable; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.ResponseStatus; -import org.springframework.web.bind.annotation.RestController; - -@RestController -@RequestMapping("/api/personinfo") -public class PersoninfoController { - - @GetMapping("/{fnr}") - @ResponseStatus(HttpStatus.GONE) - public void hentPersoninfo(@PathVariable("fnr") String fnr) { - } - -} From f484b9d99eb0530a22f96cd22d5f2647d80d8740 Mon Sep 17 00:00:00 2001 From: Klara M Helgemo Date: Fri, 27 Oct 2023 13:37:22 +0200 Subject: [PATCH 07/10] bruk docker/build-push-action versjon 5 --- .github/workflows/build-deploy-feature-branch-q1.yaml | 2 +- .github/workflows/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-deploy-feature-branch-q1.yaml b/.github/workflows/build-deploy-feature-branch-q1.yaml index 1e80971ef0..dad764bef7 100644 --- a/.github/workflows/build-deploy-feature-branch-q1.yaml +++ b/.github/workflows/build-deploy-feature-branch-q1.yaml @@ -30,7 +30,7 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push Docker image - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: . push: true diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index fe8b60e99b..f0f9949813 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -48,7 +48,7 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push Docker image - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: . push: true From 7e513f1a258bd8a2cff58555b1b5e75acf1b93f1 Mon Sep 17 00:00:00 2001 From: Dragutin Vujovic Date: Fri, 27 Oct 2023 14:34:02 +0200 Subject: [PATCH 08/10] Update okhttp version --- pom.xml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index 36ed1fb0db..40993b2e36 100644 --- a/pom.xml +++ b/pom.xml @@ -1,6 +1,7 @@ + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> 4.0.0 org.springframework.boot @@ -84,7 +85,7 @@ com.squareup.okhttp3 okhttp - 4.11.0 + 4.12.0 org.apache.avro From 2233e9ec1c307b37fd44f76ccf1765002572a7ec Mon Sep 17 00:00:00 2001 From: Dragutin Vujovic Date: Fri, 27 Oct 2023 14:44:05 +0200 Subject: [PATCH 09/10] Update kotlin version --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 40993b2e36..88e2bcfce6 100644 --- a/pom.xml +++ b/pom.xml @@ -45,7 +45,7 @@ org.jetbrains.kotlin kotlin-maven-plugin - ${kotlin.version} + 1.9.0 compile From f2fbaf0714d3a6cae250bc39fed2ee17bf1cc765 Mon Sep 17 00:00:00 2001 From: Dragutin Vujovic Date: Fri, 27 Oct 2023 14:50:00 +0200 Subject: [PATCH 10/10] Update Spring boot starter --- pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index 88e2bcfce6..a6498d716e 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ org.springframework.boot spring-boot-starter-parent - 3.0.5 + 3.1.5 @@ -45,7 +45,7 @@ org.jetbrains.kotlin kotlin-maven-plugin - 1.9.0 + ${kotlin.version} compile